The FBI, together with Google and cybersecurity firm Black Lotus Labs, has shut down a massive Chinese phishing operation called Outsider Enterprise. Active since at least 2023, this service sold ready-made phishing kits to criminals who used them to send fake text messages pretending to be from trusted brands like Google, AT&T, and major banks.
The scale was staggering: over 3.8 million credit card numbers were stolen and more than 2.5 million fake SMS messages were sent to Android users in just a two-week period in May 2026. Google linked over 9,000 fake websites and more than 1 million fraudulent URLs to the operation. Total estimated losses exceeded $1.9 billion. Authorities seized the service’s administration servers, a Shopify storefront, cryptocurrency wallets, and a Telegram bot used to manage the criminal enterprise — all under “Operation Riptide.”
How to check if you’re affected
Affected devices are any Android phone that received suspicious texts about package deliveries, toll fees, or account alerts from Google, major banks, or delivery services. If you clicked a link in such a text and entered payment information, treat that card as compromised:
- Check your credit card and bank statements for unfamiliar charges.
- Call your bank immediately if you spot anything suspicious.
- Consider placing a fraud alert or credit freeze with the major credit bureaus.